Windscribe VPN Suffers a Massive Security Hit

VPN provider Windscribe failed to encrypt servers that were seized by Ukranian authorities, putting users' privacy at risk.
Duncan Lambden

Known VPN provider Windscribe has revealed that it failed to encrypt its own VPN servers. These servers were seized by Ukrainian authorities, meaning that the Ukrainian government would be able to capture and log any traffic sent through the VPN.

One of the main reasons a lot of users invest in VPNs is to avoid government tracking, so for Windscribe to allow its customers to fall victim to this goes directly against one of the main appeals of using such a service.

While there is no record of which customers fell victim to Ukraine's watchful eye, Windscribe has vowed to improve its service, and has taken full responsibility for the breach, mapping out numerous steps the business is taking to improve its product for the future.

What Happened to Windscribe and Why Does It Matter?

Due to Windscribe's servers being located in Ukraine, they were susceptible to seizure by Ukrainian authorities. Normally this wouldn't be a massive issue, as the data that users send through the servers would be encrypted and protected. However, Windscribe's failure to appropriately protect these servers means that Ukraine has access to everything.

This is bad for customers, as it essentially lays bare their entire activity online – something which a VPN is fundamentally supposed to protect against.

As for Windscribe's response, it has owned up to the fault, with the company's director Yegor Sak making a statement:

“We make no excuses for this omission. Security measures that should have been in place were not. After conducting a threat assessment we feel that the way this was handled and described in our article was the best move forward. It affected the fewest users possible while transparently addressing the unlikely hypothetical scenario that results from the seizure.”

It's not just words though, as the company is making strides to improve after this mistake. These steps, according to Windscribe, are:

  1. All keys required for server function are no longer stored permanently on any our servers and exist solely in memory after they are put into operation
  2. All servers have unique short-lived certificates and keys generated from our new CA which are rotated
  3. Each server certificate has uniquely identifying Common Name + SANs
  4. New OpenVPN client configurations enforce server certificate X509 name verification using the common name which is unique.

What Are Some Better VPN Options?

While Windscribe has vowed to rectify this mistake and make sure it never happens again, a breach of this magnitude is an immense failure on behalf of the company, and should not be taken lightly.

Due to this security breach, we have removed Windscribe from our list of the most secure VPN services. A VPN's most important feature is its security and the protection of its customers, so when a service fails to provide this, its credibility takes a massive hit.

For our specific recommendations, NordVPN offers what we believe to be the most secure VPN service. Another good option is ExpressVPN.

0 out of 0
Test Score
Our scoring is based on independent tests and assessments of features, privacy settings, ease of use and value.
Price From
Lowest price for single month subscription to cheapest paid tier. Other plans are available.
Verdict
No. of Devices
No. of Servers
Zero Data Logging
Kill switch
Email Support
Live Chat
Ease of Use
Features
Privacy
Speed
Help & Support
Value for Money
Free Trial
Try
Click to find the latest offers, deals and discounts from the VPN provider
4.8
4.2
3.9
4.5
4.0
3.8
4.3
3.5
4.7
3.5

$2.99/month + 3 months free for Christmas

$3.99 /month

$1.99/mo

$2.03/mo

$9.99/mo

  • $5.75/mo

$4.99 per month

$2.29/month

$8.32 /month

$2.75/month (3-year plan)

Fast, effective, low-cost and simple – the best VPN we've tested, with risk-free money-back guarantee

Powerful features and security, but a bit technical. Some massive savings currently available.

A safe, simple, outstanding VPN

Outstanding value, with an advanced VPN app

Good VPN privacy at good speeds

A good, well-priced VPN

A decent option for expert users

A user-friendly VPN, let down by some speed loss

Superb features, but at a higher cost

A powerful tool for expert users

6

Unlimited

5

10

8-12

Unlimited

10

5

5

5

5,000+ (60+ countries)

1,300+ (55+ countries)

6,500

29,000+ (78+ countries)

3,000+ (50+ countries)

500+ (60+ countries)

1,300+ (61+ countries)

40

3,000+ (94+ countries)

60

★★★★★

★★★★☆

★★★★★

★★★☆☆

★★★★☆

★★★★★

★★★★★

★★★★★

★★★★★

★★★☆☆

★★★★★

★★★★☆

★★★★★

★★★★☆

★★★☆☆

★★★☆☆

★★★★★

★★★☆☆

★★★★★

★★★★★

★★★★★

★★★★☆

★★★★★

★★★★★

★★★★★

★★★★★

★★★★★

★★★★★

★★★★★

★★★★★

★★★★★

★★★★☆

★★★☆☆

★★★★☆

★★★☆☆

★★★☆☆

★★★★☆

★★☆☆☆

★★★★★

★★★★☆

★★★★☆

★★★★★

★★★★☆

★★★★☆

★★★☆☆

★★★☆☆

★★★☆☆

★★★★☆

★★★★☆

★★★☆☆

★★★★☆

★★★★☆

★★★★★

★★★★☆

★★★★☆

★★★★☆

★★★★☆

★★★★☆

★★★☆☆

★★★★☆

About our links

Tech.co is reader-supported. If you make a purchase through the links on our site, we may earn a commission from the retailers of the products we have reviewed. This helps Tech.co to provide free advice and reviews for our readers. It has no additional cost to you, and never affects the editorial independence of our reviews. Click to return to top of page

This article was last updated on:
Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at contact@tech.co

Duncan (BA in English Textual Studies and Game Design) is an Australian-born senior writer for Tech.Co. His articles focus on website builders, and business software that allows small businesses to improve their efficiency or reach, with an emphasis on digital marketing or accounting. He has written for Website Builder Expert and MarTech Series, and has been featured in Forbes. In his free time, Duncan loves to deconstruct video games, which means that his loved ones are keenly concerned about the amount of time he spends looking at screens.

Explore More See all news
close Thinking about your online privacy? NordVPN is Tech.co's top-rated VPN service See Deals